NotCVE - vendor:"Fortinet" product:"FortiClientLinux" version:" >= 7.0.6 <= 7.0.10"

4 results (0.020 seconds)

CVSS: 5.0EPSS: 0%CPEs: 9EXPL: 0

CVE-2024-50570

https://notcve.org/view.php?id=CVE-2024-50570

18 Dec 2024 — A Cleartext Storage of Sensitive Information vulnerability [CWE-312] in FortiClientWindows 7.4.0 through 7.4.1, 7.2.0 through 7.2.6, 7.0.0 through 7.0.13 and FortiClientLinux 7.4.0 through 7.4.2, 7.2.0 through 7.2.7, 7.0.0 through 7.0.13 may permit a local authenticated user to retrieve VPN password via memory dump, due to JavaScript's garbage collector • https://fortiguard.fortinet.com/psirt/FG-IR-23-278 • CWE-312: Cleartext Storage of Sensitive Information •

CVSS: 5.9EPSS: 0%CPEs: 32EXPL: 0

CVE-2022-45856

https://notcve.org/view.php?id=CVE-2022-45856

10 Sep 2024 — An improper certificate validation vulnerability [CWE-295] in FortiClientWindows 6.4 all versions, 7.0.0 through 7.0.7, FortiClientMac 6.4 all versions, 7.0 all versions, 7.2.0 through 7.2.4, FortiClientLinux 6.4 all versions, 7.0 all versions, 7.2.0 through 7.2.4, FortiClientAndroid 6.4 all versions, 7.0 all versions, 7.2.0 and FortiClientiOS 5.6 all versions, 6.0.0 through 6.0.1, 7.0.0 through 7.0.6 SAML SSO feature may allow an unauthenticated attacker to man-in-the-middle the communication between the F... • https://fortiguard.fortinet.com/psirt/FG-IR-22-230 • CWE-295: Improper Certificate Validation •

CVSS: 8.1EPSS: 0%CPEs: 7EXPL: 0

CVE-2024-31489

https://notcve.org/view.php?id=CVE-2024-31489

10 Sep 2024 — AAn improper certificate validation vulnerability [CWE-295] in FortiClientWindows 7.2.0 through 7.2.2, 7.0.0 through 7.0.11, FortiClientLinux 7.2.0, 7.0.0 through 7.0.11 and FortiClientMac 7.0.0 through 7.0.11, 7.2.0 through 7.2.4 may allow a remote and unauthenticated attacker to perform a Man-in-the-Middle attack on the communication channel between the FortiGate and the FortiClient during the ZTNA tunnel creation Una vulnerabilidad de validación de certificado incorrecta [CWE-295] en FortiClientWindows 7... • https://fortiguard.fortinet.com/psirt/FG-IR-22-282 • CWE-295: Improper Certificate Validation •

CVSS: 10.0EPSS: 0%CPEs: 3EXPL: 0

CVE-2023-45590

https://notcve.org/view.php?id=CVE-2023-45590

09 Apr 2024 — An improper control of generation of code ('code injection') in Fortinet FortiClientLinux version 7.2.0, 7.0.6 through 7.0.10 and 7.0.3 through 7.0.4 allows attacker to execute unauthorized code or commands via tricking a FortiClientLinux user into visiting a malicious website Un control inadecuado de la generación de código ("inyección de código") en Fortinet FortiClientLinux versión 7.2.0, 7.0.6 a 7.0.10 y 7.0.3 a 7.0.4 permite a un atacante ejecutar código o comandos no autorizados engañando a un usuario... • https://fortiguard.com/psirt/FG-IR-23-087 • CWE-94: Improper Control of Generation of Code ('Code Injection') •